PT-2020-4812 · Microsoft · Azure Sphere

Claudio Bozzato

Published

2020-11-10

Updated

2023-12-31

CVE-2020-16985

CVSS v3.1

6.2

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Azure Sphere (affected versions not specified)

Description: The issue is related to a lack of protection for service data in the Azure Sphere operating system. Exploitation of this issue may allow an attacker to gain unauthorized access to the device.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Information Disclosure

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-908

Related Identifiers

BDU:2020-05365

CVE-2020-16985

Affected Products

Azure Sphere

PT-2020-4812 · Microsoft · Azure Sphere

CVE-2020-16985

Weakness Enumeration

Related Identifiers

Affected Products

References · 8